class.ilPlainTextHandler.php

Go to the documentation of this file.

<?php

declare(strict_types=1);

use Whoops\Exception\Formatter;

class ilPlainTextHandler extends \Whoops\Handler\PlainTextHandler
{
    protected const KEY_SPACE = 25;

    private array $exclusion_list = [];

    public function withExclusionList(array $exclusion_list): self
    {
        $clone = clone $this;
        $clone->exclusion_list = $exclusion_list;
        return $clone;
    }

    private function stripNullBytes(string $ret): string
    {
        return str_replace("\0", '', $ret);
    }

    public function generateResponse(): string
    {
        return $this->getExceptionOutput() . $this->tablesContent() . "\n";
    }

    protected function getExceptionOutput(): string
    {
        return Formatter::formatExceptionPlain($this->getInspector());
    }

    protected function tablesContent(): string
    {
        $ret = '';
        foreach ($this->tables() as $title => $content) {
            $ret .= "\n\n-- $title --\n\n";
            if (count($content) > 0) {
                foreach ($content as $key => $value) {
                    $key = str_pad((string) $key, self::KEY_SPACE);

                    // indent multiline values, first print_r, split in lines,
                    // indent all but first line, then implode again.
                    $first = true;
                    $indentation = str_pad('', self::KEY_SPACE);
                    $value = implode(
                        "\n",
                        array_map(
                            static function ($line) use (&$first, $indentation): string {
                                if ($first) {
                                    $first = false;
                                    return $line;
                                }
                                return $indentation . $line;
                            },
                            explode("\n", print_r($value, true))
                        )
                    );

                    $ret .= "$key: $value\n";
                }
            } else {
                $ret .= "empty\n";
            }
        }

        return $this->stripNullBytes($ret);
    }

    protected function tables(): array
    {
        $post = $_POST;
        $server = $_SERVER;

        $post = $this->hideSensitiveData($post);
        $server = $this->hideSensitiveData($server);
        $server = $this->shortenPHPSessionId($server);

        return [
            'GET Data' => $_GET,
            'POST Data' => $post,
            'Files' => $_FILES,
            'Cookies' => $_COOKIE,
            'Session' => $_SESSION ?? [],
            'Server/Request Data' => $server,
            'Environment Variables' => $_ENV,
        ];
    }

    private function hideSensitiveData(array $super_global): array
    {
        foreach ($this->exclusion_list as $parameter) {
            if (isset($super_global[$parameter])) {
                $super_global[$parameter] = 'REMOVED FOR SECURITY';
            }

            if (isset($super_global['post_vars'][$parameter])) {
                $super_global['post_vars'][$parameter] = 'REMOVED FOR SECURITY';
            }
        }

        return $super_global;
    }

    private function shortenPHPSessionId(array $server): array
    {
        $cookie_content = $server['HTTP_COOKIE'];
        $cookie_content = explode(';', $cookie_content);

        foreach ($cookie_content as $key => $content) {
            $content_array = explode('=', $content);
            if (trim($content_array[0]) === session_name()) {
                $content_array[1] = substr($content_array[1], 0, 5) . ' (SHORTENED FOR SECURITY)';
                $cookie_content[$key] = implode('=', $content_array);
            }
        }

        $server['HTTP_COOKIE'] = implode(';', $cookie_content);

        return $server;
    }
}